Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-359

CWE-359

Exposure of Private Personal Information to an Unauthorized Actor

Parent: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

The product does not properly prevent a person's private, personal information from being accessed by actors who either (1) are not explicitly authorized to access the information or (2) do not have the implicit consent of the person about whom the information is collected.

184 vulnerabilities with CWE-359

CVE-2025-3035 MEDIUM

Firefox < 137.0 - Unauthorized Document Title Exposure via AI Chatbot

CVE-2025-26816 MEDIUM

Intrexx Portal Server <12.0.2 - Info Disclosure

CVE-2025-27080 MEDIUM

AOS-CX - Info Disclosure

CVE-2025-25042 MEDIUM

HPE AOS-CX Sensitive Information Exposure via REST Interface

CVE-2025-1939 LOW

Firefox < 136.0 - Permission Spoofing via Custom Tabs Transition Animation

CVE-2025-20060 HIGH

Dario Health USB-C Blood Glucose Monitoring System Android < 5.8.7.0.36 - Personal Health Information Exposure

CVE-2025-20615 MEDIUM

Qardio Arm iOS - Unauthenticated Exposure of Sensitive Data in Plist File

CVE-2025-0683 MEDIUM

Contec Health CMS8000 Patient Monitor - Info Disclosure

CVE-2025-24355 HIGH

Updatecli <0.93.0 - Info Disclosure

CVE-2024-13953 MEDIUM

ASPECT-Enterprise <3.* - Info Disclosure

CVE-2024-42325 LOW

Zabbix 5.0.0-5.0.45 - Unauthorized Exposure of User Information via API user.get

CVE-2024-10267 HIGH

transformeroptimus/superagi - Info Disclosure

CVE-2024-13228 MEDIUM

Qubely - Advanced Gutenberg Blocks <1.8.13 - Info Disclosure

CVE-2024-11216 HIGH

PozitifIK Pik Online <3.1.5 - Privilege Escalation

CVE-2024-13217 MEDIUM

Jeg Elementor Kit <2.6.11 - Info Disclosure

CVE-2024-12041 MEDIUM

Directorist: AI-Powered WordPress Business Directory Plugin - Info ...

CVE-2024-13216 MEDIUM

HT Event - WordPress Event Manager Plugin for Elementor <1.4.7 - In...

CVE-2024-13215 MEDIUM

Elementor Addon Elements <1.13.10 - Info Disclosure

CVE-2024-11396 MEDIUM

Event Monster < 1.4.3 - Unauthenticated Information Exposure via Visitors List Export

CVE-2024-41780 MEDIUM

IBM Jazz Foundation <7.1.0 - Info Disclosure

CVE-2024-49765 MEDIUM

Discourse - Unauthorized Account Creation via Discourse Connect Bypass

CVE-2024-11712 MEDIUM

WP Job Portal < 2.2.3 - Unauthenticated Exposure of Private Personal Information via getResumeFileDownloadById

CVE-2024-42494 MEDIUM

Ruijie Reyee OS <2.320 - Info Disclosure

CVE-2024-53258 MEDIUM

Autolab 3.0.0-3.0.2 - Unauthorized Submission Download via download_all_submissions Feature

CVE-2024-49025 MEDIUM

Microsoft Edge Chromium < 131.0.2903.48 - Exposure of Private Personal Information

Previous Page 4 of 8 Next

Details

Vulnerabilities 184

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy